Government Gurus Warn of Stolen SSH Rootkit Attacks

Aug 27, 2008 By Justin Ryan

The United States Computer Emergency Readiness Team is warning users running Linux systems and utilizing SSH for system access that a new round of rootkit attacks is underway. According to reports, the attacks focus on using stolen SSH keys to gain system access, after which the attackers use kernel exploits to gain root access and deploy the phalanx2 rootkit. Once installed, the rootkit steals SSH keys from the system which may then be used to further the attacks.

US-CERT has provided instructions for detecting and mitigating the attacks, as well as advice for those who determine their systems have been compromised.

______________________

Justin Ryan is a Contributing Editor for Linux Journal.

Already a subscriber? Click here for subscriber services.


You Need A Budget	Feb 10, 2012
The Linux powered LAN Gaming House	Feb 08, 2012
Creating a vDSO: the Colonel's Other Chicken	Feb 06, 2012
Your CMS Is Not Your Web Site	Feb 01, 2012
Casper, the Friendly (and Persistent) Ghost	Jan 31, 2012
Razor-qt 0.4 - Qt based Desktop Environment	Jan 30, 2012

Employment Posters
3 hours 49 min ago
Sure the best distro is
5 hours 9 min ago
BeOS was the best
7 hours 53 min ago
I use Wireshark on a daily
12 hours 24 min ago
buena información
17 hours 30 min ago
One important "bucket" that I didn't note (désolé si qqun deja d
18 hours 31 min ago
Gnome3 is such a POS. No one
1 day 3 hours ago
Gnome 3 is the biggest POS
1 day 4 hours ago
I didn't knew this thing by
1 day 10 hours ago
Author's reply
1 day 13 hours ago

Return to Solid State

Get Firefox Menu Button in Linux

Quick and Dirty SSH Tunneling

First Name	Last Name

Address 1	Address 2

City	State	Zip

Email

Government Gurus Warn of Stolen SSH Rootkit Attacks

Trending Topics

Poll

Digital Edition

Magazine Formats

The Store

About Us

The Site